New York Times Hacked?

First time accepted submitter porsche911 writes "It looks like the NYTimes have been hacked and a large number of subscribers spammed with messages about cancellation of their service. The phone system is overwhelmed as well. The Times is currently saying the email is a fake, but that raises other worries. They were one of the only 3rd parties that had the email in question so it appears either someone really screwed up or they've suffered a data breach." Update: 12/28 21:59 GMT by S : Looks like it was just a mistake by an employee.

Could be untargeted phishing

[DragonHawk]

It could also be that some con-artist somewhere is sending out phishing emails, designed to look like Times cancellation notices, and sent to large numbers of harvested email addresses. Since the set of NYT subscribers with an email address is a proper subset of the set of people with an email address, a lot of NYT subscribers would still be hit.

But "New York Times Hacked" makes for a better headline.

Re:Could be untargeted phishing

[postbigbang]

The bounce in the header of the message implies that it was triggered internally. It wouldn't have been used to launder the list, because the bounces would have gone back to NYT.

My guess is that it's not a DDOS, it's a fuckup.

Re:Print Subscribers Only

[dzfoo]

Then how would you explain that I received the message on an e-mail address that I made specifically to use the NYT app and never have used for anything else?

That automatically rules out a third party. It was either sent in error, or their user accounts list was indeed compromised.

A possible third alternative is that they shared their accounts list with a partner that was then compromised. Either way it seems the list was compromised.